Coverage Report

Created: 2025-07-11 06:59

/src/dovecot/src/lib/malloc-overflow.h
Line
Count
Source (jump to first uncovered line)
1
#ifndef MALLOC_OVERFLOW_H
2
#define MALLOC_OVERFLOW_H
3
4
/* MALLOC_*() can be used to calculate memory allocation sizes. If there's an
5
   overflow, it'll cleanly panic instead of causing a potential buffer
6
   overflow.
7
8
   Note that *_malloc(size+1) doesn't need to use MALLOC_ADD(size, 1). It wraps
9
   to size==0 and the *_malloc() calls already panic if size==0. */
10
static inline size_t
11
malloc_multiply_check(size_t a, size_t b, size_t sizeof_a, size_t sizeof_b,
12
          const char *fname, unsigned int linenum)
13
2.87M
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
2.87M
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
2.87M
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
2.87M
  return a * b;
22
2.87M
}
Unexecuted instantiation: fuzz-smtp-server.c:malloc_multiply_check
smtp-server-cmd-data.c:malloc_multiply_check
Line
Count
Source
13
17.9k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
17.9k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
17.9k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
17.9k
  return a * b;
22
17.9k
}
smtp-server-reply.c:malloc_multiply_check
Line
Count
Source
13
109k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
109k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
109k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
109k
  return a * b;
22
109k
}
smtp-server-command.c:malloc_multiply_check
Line
Count
Source
13
226k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
226k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
226k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
226k
  return a * b;
22
226k
}
smtp-server-recipient.c:malloc_multiply_check
Line
Count
Source
13
10.8k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
10.8k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
10.8k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
10.8k
  return a * b;
22
10.8k
}
smtp-server-transaction.c:malloc_multiply_check
Line
Count
Source
13
3.99k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
3.99k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
3.99k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
3.99k
  return a * b;
22
3.99k
}
smtp-server-connection.c:malloc_multiply_check
Line
Count
Source
13
5.86k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
5.86k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
5.86k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
5.86k
  return a * b;
22
5.86k
}
smtp-server.c:malloc_multiply_check
Line
Count
Source
13
5.86k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
5.86k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
5.86k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
5.86k
  return a * b;
22
5.86k
}
Unexecuted instantiation: smtp-syntax.c:malloc_multiply_check
Unexecuted instantiation: smtp-address.c:malloc_multiply_check
Unexecuted instantiation: smtp-common.c:malloc_multiply_check
Unexecuted instantiation: smtp-params.c:malloc_multiply_check
Unexecuted instantiation: smtp-reply.c:malloc_multiply_check
Unexecuted instantiation: smtp-reply-parser.c:malloc_multiply_check
smtp-command-parser.c:malloc_multiply_check
Line
Count
Source
13
5.86k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
5.86k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
5.86k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
5.86k
  return a * b;
22
5.86k
}
smtp-server-cmd-helo.c:malloc_multiply_check
Line
Count
Source
13
7.76k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
7.76k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
7.76k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
7.76k
  return a * b;
22
7.76k
}
Unexecuted instantiation: smtp-server-cmd-starttls.c:malloc_multiply_check
Unexecuted instantiation: smtp-server-cmd-auth.c:malloc_multiply_check
smtp-server-cmd-mail.c:malloc_multiply_check
Line
Count
Source
13
11.3k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
11.3k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
11.3k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
11.3k
  return a * b;
22
11.3k
}
smtp-server-cmd-rcpt.c:malloc_multiply_check
Line
Count
Source
13
10.8k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
10.8k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
10.8k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
10.8k
  return a * b;
22
10.8k
}
Unexecuted instantiation: smtp-server-cmd-rset.c:malloc_multiply_check
Unexecuted instantiation: smtp-server-cmd-noop.c:malloc_multiply_check
Unexecuted instantiation: smtp-server-cmd-quit.c:malloc_multiply_check
Unexecuted instantiation: smtp-server-cmd-vrfy.c:malloc_multiply_check
Unexecuted instantiation: smtp-server-cmd-xclient.c:malloc_multiply_check
Unexecuted instantiation: smtp-parser.c:malloc_multiply_check
istream-dot.c:malloc_multiply_check
Line
Count
Source
13
1.21k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
1.21k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
1.21k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
1.21k
  return a * b;
22
1.21k
}
Unexecuted instantiation: message-address.c:malloc_multiply_check
Unexecuted instantiation: message-date.c:malloc_multiply_check
Unexecuted instantiation: rfc822-parser.c:malloc_multiply_check
Unexecuted instantiation: iostream-ssl.c:malloc_multiply_check
Unexecuted instantiation: iostream-ssl-context-cache.c:malloc_multiply_check
Unexecuted instantiation: ssl-settings.c:malloc_multiply_check
Unexecuted instantiation: settings.c:malloc_multiply_check
Unexecuted instantiation: settings-parser.c:malloc_multiply_check
Unexecuted instantiation: dns-util.c:malloc_multiply_check
Unexecuted instantiation: expansion-program.c:malloc_multiply_check
Unexecuted instantiation: var-expand.c:malloc_multiply_check
Unexecuted instantiation: var-expand-parser.c:malloc_multiply_check
Unexecuted instantiation: var-expand-lexer.c:malloc_multiply_check
Unexecuted instantiation: expansion-parameter.c:malloc_multiply_check
Unexecuted instantiation: expansion-statement.c:malloc_multiply_check
Unexecuted instantiation: expansion-filter.c:malloc_multiply_check
Unexecuted instantiation: expansion-filter-if.c:malloc_multiply_check
Unexecuted instantiation: expansion-filter-crypt.c:malloc_multiply_check
Unexecuted instantiation: fuzzer.c:malloc_multiply_check
Unexecuted instantiation: array.c:malloc_multiply_check
Unexecuted instantiation: base64.c:malloc_multiply_check
buffer.c:malloc_multiply_check
Line
Count
Source
13
808k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
808k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
808k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
808k
  return a * b;
22
808k
}
connection.c:malloc_multiply_check
Line
Count
Source
13
5.86k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
5.86k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
5.86k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
5.86k
  return a * b;
22
5.86k
}
Unexecuted instantiation: cpu-count.c:malloc_multiply_check
Unexecuted instantiation: crc32.c:malloc_multiply_check
Unexecuted instantiation: data-stack.c:malloc_multiply_check
Unexecuted instantiation: event-filter.c:malloc_multiply_check
Unexecuted instantiation: event-filter-lexer.c:malloc_multiply_check
Unexecuted instantiation: event-filter-parser.c:malloc_multiply_check
Unexecuted instantiation: event-log.c:malloc_multiply_check
Unexecuted instantiation: failures.c:malloc_multiply_check
Unexecuted instantiation: fd-util.c:malloc_multiply_check
Unexecuted instantiation: guid.c:malloc_multiply_check
Unexecuted instantiation: hash.c:malloc_multiply_check
Unexecuted instantiation: hash-method.c:malloc_multiply_check
Unexecuted instantiation: hex-binary.c:malloc_multiply_check
Unexecuted instantiation: hostpid.c:malloc_multiply_check
Unexecuted instantiation: imem.c:malloc_multiply_check
Unexecuted instantiation: iostream.c:malloc_multiply_check
iostream-pump.c:malloc_multiply_check
Line
Count
Source
13
5.86k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
5.86k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
5.86k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
5.86k
  return a * b;
22
5.86k
}
Unexecuted instantiation: iostream-rawlog.c:malloc_multiply_check
istream.c:malloc_multiply_check
Line
Count
Source
13
3.08k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
3.08k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
3.08k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
3.08k
  return a * b;
22
3.08k
}
istream-chain.c:malloc_multiply_check
Line
Count
Source
13
10.3k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
10.3k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
10.3k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
10.3k
  return a * b;
22
10.3k
}
istream-data.c:malloc_multiply_check
Line
Count
Source
13
5.86k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
5.86k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
5.86k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
5.86k
  return a * b;
22
5.86k
}
istream-failure-at.c:malloc_multiply_check
Line
Count
Source
13
1.21k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
1.21k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
1.21k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
1.21k
  return a * b;
22
1.21k
}
istream-file.c:malloc_multiply_check
Line
Count
Source
13
5.86k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
5.86k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
5.86k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
5.86k
  return a * b;
22
5.86k
}
istream-limit.c:malloc_multiply_check
Line
Count
Source
13
10.5k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
10.5k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
10.5k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
10.5k
  return a * b;
22
10.5k
}
Unexecuted instantiation: istream-rawlog.c:malloc_multiply_check
istream-sized.c:malloc_multiply_check
Line
Count
Source
13
10.5k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
10.5k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
10.5k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
10.5k
  return a * b;
22
10.5k
}
Unexecuted instantiation: istream-unix.c:malloc_multiply_check
ioloop.c:malloc_multiply_check
Line
Count
Source
13
132k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
132k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
132k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
132k
  return a * b;
22
132k
}
Unexecuted instantiation: ioloop-notify-inotify.c:malloc_multiply_check
ioloop-epoll.c:malloc_multiply_check
Line
Count
Source
13
17.5k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
17.5k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
17.5k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
17.5k
  return a * b;
22
17.5k
}
Unexecuted instantiation: lib.c:malloc_multiply_check
lib-event.c:malloc_multiply_check
Line
Count
Source
13
485k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
485k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
485k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
485k
  return a * b;
22
485k
}
Unexecuted instantiation: lib-signals.c:malloc_multiply_check
Unexecuted instantiation: md4.c:malloc_multiply_check
Unexecuted instantiation: md5.c:malloc_multiply_check
memarea.c:malloc_multiply_check
Line
Count
Source
13
7.98k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
7.98k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
7.98k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
7.98k
  return a * b;
22
7.98k
}
Unexecuted instantiation: mempool.c:malloc_multiply_check
mempool-alloconly.c:malloc_multiply_check
Line
Count
Source
13
621k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
621k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
621k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
621k
  return a * b;
22
621k
}
mempool-datastack.c:malloc_multiply_check
Line
Count
Source
13
264k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
264k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
264k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
264k
  return a * b;
22
264k
}
Unexecuted instantiation: mempool-system.c:malloc_multiply_check
Unexecuted instantiation: mempool-unsafe-datastack.c:malloc_multiply_check
Unexecuted instantiation: mmap-util.c:malloc_multiply_check
Unexecuted instantiation: module-dir.c:malloc_multiply_check
Unexecuted instantiation: net.c:malloc_multiply_check
Unexecuted instantiation: ostream.c:malloc_multiply_check
ostream-file.c:malloc_multiply_check
Line
Count
Source
13
11.7k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
11.7k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
11.7k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
11.7k
  return a * b;
22
11.7k
}
Unexecuted instantiation: ostream-rawlog.c:malloc_multiply_check
Unexecuted instantiation: ostream-unix.c:malloc_multiply_check
Unexecuted instantiation: path-util.c:malloc_multiply_check
Unexecuted instantiation: primes.c:malloc_multiply_check
Unexecuted instantiation: printf-format-fix.c:malloc_multiply_check
Unexecuted instantiation: process-title.c:malloc_multiply_check
priorityq.c:malloc_multiply_check
Line
Count
Source
13
5.86k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
5.86k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
5.86k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
5.86k
  return a * b;
22
5.86k
}
Unexecuted instantiation: punycode.c:malloc_multiply_check
Unexecuted instantiation: randgen.c:malloc_multiply_check
Unexecuted instantiation: rand.c:malloc_multiply_check
Unexecuted instantiation: read-full.c:malloc_multiply_check
Unexecuted instantiation: restrict-access.c:malloc_multiply_check
Unexecuted instantiation: safe-memset.c:malloc_multiply_check
Unexecuted instantiation: sendfile-util.c:malloc_multiply_check
Unexecuted instantiation: sha1.c:malloc_multiply_check
Unexecuted instantiation: sha2.c:malloc_multiply_check
Unexecuted instantiation: sha3.c:malloc_multiply_check
Unexecuted instantiation: sleep.c:malloc_multiply_check
Unexecuted instantiation: str.c:malloc_multiply_check
Unexecuted instantiation: str-sanitize.c:malloc_multiply_check
Unexecuted instantiation: str-parse.c:malloc_multiply_check
Unexecuted instantiation: strescape.c:malloc_multiply_check
strfuncs.c:malloc_multiply_check
Line
Count
Source
13
37.9k
{
14
  /* the first sizeof-checks are intended to optimize away this entire
15
     if-check for types that are small enough to never wrap size_t. */
16
37.9k
  if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
17
37.9k
      b != 0 && (a > SIZE_MAX / b)) {
18
0
    i_panic("file %s: line %d: memory allocation overflow: %zu * %zu",
19
0
      fname, linenum, a, b);
20
0
  }
21
37.9k
  return a * b;
22
37.9k
}
Unexecuted instantiation: strnum.c:malloc_multiply_check
Unexecuted instantiation: time-util.c:malloc_multiply_check
Unexecuted instantiation: unichar.c:malloc_multiply_check
Unexecuted instantiation: utc-offset.c:malloc_multiply_check
Unexecuted instantiation: utc-mktime.c:malloc_multiply_check
Unexecuted instantiation: wildcard-match.c:malloc_multiply_check
Unexecuted instantiation: write-full.c:malloc_multiply_check
Unexecuted instantiation: backtrace-string.c:malloc_multiply_check
Unexecuted instantiation: bits.c:malloc_multiply_check
Unexecuted instantiation: env-util.c:malloc_multiply_check
Unexecuted instantiation: fdpass.c:malloc_multiply_check
Unexecuted instantiation: ipwd.c:malloc_multiply_check
Unexecuted instantiation: ioloop-iolist.c:malloc_multiply_check
Unexecuted instantiation: ioloop-notify-fd.c:malloc_multiply_check
23
#ifndef STATIC_CHECKER
24
#  define MALLOC_MULTIPLY(a, b) \
25
2.87M
  malloc_multiply_check(a, b, sizeof(a), sizeof(b), __FILE__, __LINE__) // NOLINT(bugprone-sizeof-expression)
26
#else
27
/* avoid warning every time about sizeof(b) when b contains any arithmetic */
28
#  define MALLOC_MULTIPLY(a, b) \
29
  malloc_multiply_check(a, b, sizeof(a), sizeof(size_t), __FILE__, __LINE__)  // NOLINT(bugprone-sizeof-expression)
30
#endif
31
32
static inline size_t
33
malloc_add_check(size_t a, size_t b, size_t sizeof_a, size_t sizeof_b,
34
     const char *fname, unsigned int linenum)
35
60.4k
{
36
  /* the first sizeof-checks are intended to optimize away this entire
37
     if-check for types that are small enough to never wrap size_t. */
38
60.4k
  if ((sizeof_a >= sizeof(size_t) || sizeof_b >= sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
39
60.4k
      SIZE_MAX - a < b) {
40
0
    i_panic("file %s: line %d: memory allocation overflow: %zu + %zu",
41
0
      fname, linenum, a, b);
42
0
  }
43
60.4k
  return a + b;
44
60.4k
}
Unexecuted instantiation: fuzz-smtp-server.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-data.c:malloc_add_check
Unexecuted instantiation: smtp-server-reply.c:malloc_add_check
Unexecuted instantiation: smtp-server-command.c:malloc_add_check
Unexecuted instantiation: smtp-server-recipient.c:malloc_add_check
Unexecuted instantiation: smtp-server-transaction.c:malloc_add_check
Unexecuted instantiation: smtp-server-connection.c:malloc_add_check
Unexecuted instantiation: smtp-server.c:malloc_add_check
Unexecuted instantiation: smtp-syntax.c:malloc_add_check
smtp-address.c:malloc_add_check
Line
Count
Source
35
60.4k
{
36
  /* the first sizeof-checks are intended to optimize away this entire
37
     if-check for types that are small enough to never wrap size_t. */
38
60.4k
  if ((sizeof_a >= sizeof(size_t) || sizeof_b >= sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
39
60.4k
      SIZE_MAX - a < b) {
40
0
    i_panic("file %s: line %d: memory allocation overflow: %zu + %zu",
41
0
      fname, linenum, a, b);
42
0
  }
43
60.4k
  return a + b;
44
60.4k
}
Unexecuted instantiation: smtp-common.c:malloc_add_check
Unexecuted instantiation: smtp-params.c:malloc_add_check
Unexecuted instantiation: smtp-reply.c:malloc_add_check
Unexecuted instantiation: smtp-reply-parser.c:malloc_add_check
Unexecuted instantiation: smtp-command-parser.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-helo.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-starttls.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-auth.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-mail.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-rcpt.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-rset.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-noop.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-quit.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-vrfy.c:malloc_add_check
Unexecuted instantiation: smtp-server-cmd-xclient.c:malloc_add_check
Unexecuted instantiation: smtp-parser.c:malloc_add_check
Unexecuted instantiation: istream-dot.c:malloc_add_check
Unexecuted instantiation: message-address.c:malloc_add_check
Unexecuted instantiation: message-date.c:malloc_add_check
Unexecuted instantiation: rfc822-parser.c:malloc_add_check
Unexecuted instantiation: iostream-ssl.c:malloc_add_check
Unexecuted instantiation: iostream-ssl-context-cache.c:malloc_add_check
Unexecuted instantiation: ssl-settings.c:malloc_add_check
Unexecuted instantiation: settings.c:malloc_add_check
Unexecuted instantiation: settings-parser.c:malloc_add_check
Unexecuted instantiation: dns-util.c:malloc_add_check
Unexecuted instantiation: expansion-program.c:malloc_add_check
Unexecuted instantiation: var-expand.c:malloc_add_check
Unexecuted instantiation: var-expand-parser.c:malloc_add_check
Unexecuted instantiation: var-expand-lexer.c:malloc_add_check
Unexecuted instantiation: expansion-parameter.c:malloc_add_check
Unexecuted instantiation: expansion-statement.c:malloc_add_check
Unexecuted instantiation: expansion-filter.c:malloc_add_check
Unexecuted instantiation: expansion-filter-if.c:malloc_add_check
Unexecuted instantiation: expansion-filter-crypt.c:malloc_add_check
Unexecuted instantiation: fuzzer.c:malloc_add_check
Unexecuted instantiation: array.c:malloc_add_check
Unexecuted instantiation: base64.c:malloc_add_check
Unexecuted instantiation: buffer.c:malloc_add_check
Unexecuted instantiation: connection.c:malloc_add_check
Unexecuted instantiation: cpu-count.c:malloc_add_check
Unexecuted instantiation: crc32.c:malloc_add_check
data-stack.c:malloc_add_check
Line
Count
Source
35
18
{
36
  /* the first sizeof-checks are intended to optimize away this entire
37
     if-check for types that are small enough to never wrap size_t. */
38
18
  if ((sizeof_a >= sizeof(size_t) || sizeof_b >= sizeof(size_t)) && // NOLINT(bugprone-sizeof-expression)
39
18
      SIZE_MAX - a < b) {
40
0
    i_panic("file %s: line %d: memory allocation overflow: %zu + %zu",
41
0
      fname, linenum, a, b);
42
0
  }
43
18
  return a + b;
44
18
}
Unexecuted instantiation: event-filter.c:malloc_add_check
Unexecuted instantiation: event-filter-lexer.c:malloc_add_check
Unexecuted instantiation: event-filter-parser.c:malloc_add_check
Unexecuted instantiation: event-log.c:malloc_add_check
Unexecuted instantiation: failures.c:malloc_add_check
Unexecuted instantiation: fd-util.c:malloc_add_check
Unexecuted instantiation: guid.c:malloc_add_check
Unexecuted instantiation: hash.c:malloc_add_check
Unexecuted instantiation: hash-method.c:malloc_add_check
Unexecuted instantiation: hex-binary.c:malloc_add_check
Unexecuted instantiation: hostpid.c:malloc_add_check
Unexecuted instantiation: imem.c:malloc_add_check
Unexecuted instantiation: iostream.c:malloc_add_check
Unexecuted instantiation: iostream-pump.c:malloc_add_check
Unexecuted instantiation: iostream-rawlog.c:malloc_add_check
Unexecuted instantiation: istream.c:malloc_add_check
Unexecuted instantiation: istream-chain.c:malloc_add_check
Unexecuted instantiation: istream-data.c:malloc_add_check
Unexecuted instantiation: istream-failure-at.c:malloc_add_check
Unexecuted instantiation: istream-file.c:malloc_add_check
Unexecuted instantiation: istream-limit.c:malloc_add_check
Unexecuted instantiation: istream-rawlog.c:malloc_add_check
Unexecuted instantiation: istream-sized.c:malloc_add_check
Unexecuted instantiation: istream-unix.c:malloc_add_check
Unexecuted instantiation: ioloop.c:malloc_add_check
Unexecuted instantiation: ioloop-notify-inotify.c:malloc_add_check
Unexecuted instantiation: ioloop-epoll.c:malloc_add_check
Unexecuted instantiation: lib.c:malloc_add_check
Unexecuted instantiation: lib-event.c:malloc_add_check
Unexecuted instantiation: lib-signals.c:malloc_add_check
Unexecuted instantiation: md4.c:malloc_add_check
Unexecuted instantiation: md5.c:malloc_add_check
Unexecuted instantiation: memarea.c:malloc_add_check
Unexecuted instantiation: mempool.c:malloc_add_check
Unexecuted instantiation: mempool-alloconly.c:malloc_add_check
Unexecuted instantiation: mempool-datastack.c:malloc_add_check
Unexecuted instantiation: mempool-system.c:malloc_add_check
Unexecuted instantiation: mempool-unsafe-datastack.c:malloc_add_check
Unexecuted instantiation: mmap-util.c:malloc_add_check
Unexecuted instantiation: module-dir.c:malloc_add_check
Unexecuted instantiation: net.c:malloc_add_check
Unexecuted instantiation: ostream.c:malloc_add_check
Unexecuted instantiation: ostream-file.c:malloc_add_check
Unexecuted instantiation: ostream-rawlog.c:malloc_add_check
Unexecuted instantiation: ostream-unix.c:malloc_add_check
Unexecuted instantiation: path-util.c:malloc_add_check
Unexecuted instantiation: primes.c:malloc_add_check
Unexecuted instantiation: printf-format-fix.c:malloc_add_check
Unexecuted instantiation: process-title.c:malloc_add_check
Unexecuted instantiation: priorityq.c:malloc_add_check
Unexecuted instantiation: punycode.c:malloc_add_check
Unexecuted instantiation: randgen.c:malloc_add_check
Unexecuted instantiation: rand.c:malloc_add_check
Unexecuted instantiation: read-full.c:malloc_add_check
Unexecuted instantiation: restrict-access.c:malloc_add_check
Unexecuted instantiation: safe-memset.c:malloc_add_check
Unexecuted instantiation: sendfile-util.c:malloc_add_check
Unexecuted instantiation: sha1.c:malloc_add_check
Unexecuted instantiation: sha2.c:malloc_add_check
Unexecuted instantiation: sha3.c:malloc_add_check
Unexecuted instantiation: sleep.c:malloc_add_check
Unexecuted instantiation: str.c:malloc_add_check
Unexecuted instantiation: str-sanitize.c:malloc_add_check
Unexecuted instantiation: str-parse.c:malloc_add_check
Unexecuted instantiation: strescape.c:malloc_add_check
Unexecuted instantiation: strfuncs.c:malloc_add_check
Unexecuted instantiation: strnum.c:malloc_add_check
Unexecuted instantiation: time-util.c:malloc_add_check
Unexecuted instantiation: unichar.c:malloc_add_check
Unexecuted instantiation: utc-offset.c:malloc_add_check
Unexecuted instantiation: utc-mktime.c:malloc_add_check
Unexecuted instantiation: wildcard-match.c:malloc_add_check
Unexecuted instantiation: write-full.c:malloc_add_check
Unexecuted instantiation: backtrace-string.c:malloc_add_check
Unexecuted instantiation: bits.c:malloc_add_check
Unexecuted instantiation: env-util.c:malloc_add_check
Unexecuted instantiation: fdpass.c:malloc_add_check
Unexecuted instantiation: ipwd.c:malloc_add_check
Unexecuted instantiation: ioloop-iolist.c:malloc_add_check
Unexecuted instantiation: ioloop-notify-fd.c:malloc_add_check
45
#ifndef STATIC_CHECKER
46
#  define MALLOC_ADD(a, b) \
47
60.4k
  malloc_add_check(a, b, sizeof(a), sizeof(b), __FILE__, __LINE__) // NOLINT(bugprone-sizeof-expression)
48
#else
49
/* avoid warning every time about sizeof(b) when b contains any arithmetic */
50
#  define MALLOC_ADD(a, b) \
51
  malloc_add_check(a, b, sizeof(a), sizeof(size_t), __FILE__, __LINE__) // NOLINT(bugprone-sizeof-expression)
52
#endif
53
54
#endif